Bug 730964 (CVE-2011-1836)

Summary: CVE-2011-1836 ecryptfs-utils: ecryptfs-recover-private insecure permissions on the temporary mount point
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: esandeen, mhlavink
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-08-08 10:58:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 729474    
Bug Blocks: 729476    

Description Tomas Hoger 2011-08-16 12:05:34 UTC 
Quoting Ubuntu advisory:

Marc Deslauriers discovered that eCryptfs incorrectly handled permissions during recovery. A local attacker could use this flaw to possibly access another user's data during the recovery process. This issue only applied to Ubuntu 11.04. (CVE-2011-1836)

References:
http://www.ubuntu.com/usn/usn-1188-1/
https://launchpad.net/bugs/732628

Patch is attached in the bug that track other issues from the advisory:
https://bugzilla.redhat.com/show_bug.cgi?id=729465#c4
Comment 1 Tomas Hoger 2011-08-16 12:09:03 UTC 
As was noted in bug #729465, comment #8:

CVE-2011-1836 only affects Fedora; ecryptfs-recover-private does not exist in
ecryptfs-utils-82 (which is what is shipped with Red Hat Enterprise Linux 6).

Statement:

Not vulnerable. This issue did not affect the versions of ecryptfs-utils as
shipped with Red Hat Enterprise Linux 5 or 6.